The agents are the lifeblood of our network. Without them we’d be dead (in the water). They provide a global health check by measuring the levels of radiation in their immediate areas and reporting their findings back to a central location for analysis. The termradiation is a bit vague though. It’s simply defined as the emission of energy through something. Radio waves and light are forms of radiation and they are, of course, not harmful.

What we really want to measure is ionizing radiation, which is an energy emission that is sufficiently powerful enough to create ions by kicking electrons loose from nearby atoms. There are two types of ionizing radiation: wave-based (electromagnetic) and particle-based.

Electromagnetic radiation becomes problematic when the wavelength has a high enough energy potential (somewhere between 10eV – 33eV which is below the ultraviolet spectrum). Wave-based ionizing radiation occurs in two forms we care about: X-ray, and Gamma-ray. These two differ only in wavelength where gamma rays are considerably shorter in length.

Particle-based radiation occurs in three forms: alpha, beta, and neutron radiation. Alpha radiation is a bastardized form of helium, beta radiation is a wild electron, and neutron radiation is, well, a wild neutron. These particles become problematic when they have very high momentum.

Ionizing radiation can have an effect on nearby atoms because they have enough energy to cause the atoms around them to dislodge electrons. Suffice to say the atoms don’t like that because it can mean breaking apart existing chemical bonds, or causing new bonds to form. As you can imagine that might not go so well in living organisms.

Monitoring ionizing radiation levels can be done by various types of sensors like Geiger counters, proportional counters, or scintillators by watching changes in voltage (or luminescence in the case of scintillators) caused by ionizing events. These sensors can monitor most forms of ionizing radiation, but their use cases depend on what exactly you’re wanting to measure. Geiger counters are pretty good at measuring overall counts of ionizing events, but they don’t necessarily distinguish between forms of radiation. Conversely, proportional counters are capable of making distinctions.

Now, what we’re wanting to do is measure ionizing radiation within the bounds of it having an effect on human health. That means we’re actually wanting to measure dose rate, not just a simple count of events. That means we also don’t necessarily care whatkind of radiation is present, just that radiation is present.

That’s actually not true. If something serious occurred that produced large amounts of radiation, it would be useful to know what kind was present so we know how to protect ourselves.

For instance, a high level of alpha radiation is manageable because it can’t pass through the thin layer of dead skin on our bodies, but we need to be careful because particles emitting alpha radiation can be inhaled or swallowed.

Beta radiation is trickier to manage because it can pass through thicker materials, and in doing so emit x-rays if it’s the wrong type of material.

Gamma radiation is even trickier to manage because it can easily pass through thick layers of shielding without much effort.

Lastly, neutron radiation is the hardest to manage because its the most powerful. It can radiate through thick concrete or metal, and it can actually cause other materials to become irradiated through neutron activation. Thankfully it’s also extraordinarily rare, and only found in the middle of nuclear reactors (or explosions). It’s a safe bet we don’t need to monitor for this, but we can monitor it indirectly because the byproduct of neutron radiation is other forms of radiation.

The effects radiation has on health is measured through effective dose over a period of time. It takes large doses in short periods to harm us, but it only takes low doses over longer periods of time to harm us. We can see this in examples of exposure:

Figure 3: Dose rate affecting health

Given this, we can use a Geiger counter acting as a dosimeter for the basis of the sensor in our agent. The agent would poll the Geiger counter and send the results back to the servers for analysis.

Threats to Agent Availability

Earlier we estimated that we would need 3,474,812 agents distributed globally to create our network. They will live in areas with any number of adverse conditions so we need to consider what could interfere with the operations of an agent.

Environmental

This is probably the most obvious condition to think about. We have to worry about serious weather conditions like torrential rain, extreme heat, freezing, dust, etc. There are also other things to consider like natural disasters causing flooding or fire, or stranger things like wild animals making nests in or around the agents.

We can compensate for these conditions by building durable enclosures that are weatherproofed for the intended climates.

Infrastructure

Not surprisingly we’ve also got to consider the condition that the internet or power will disappear from time to time.

Figure 4: Reliable internet, isn’t.

As it happens I’m all too familiar with this condition, though sometimes my preference for resolution doesn’t help anything.

Figure 5: A preferred solution

Losing power is potentially an easy thing to solve for in the short term as we can power our agents by battery. If we design it right, we can drive our agents on less than 5V @ 500mA power (a figure gathered from the design of the uRADMonitor), or 2.5W. For comparison, the lithium-ion battery in my laptop has the capacity for 100Wh. That means it can drive 100 watts for an hour, or 1 watt for 100 hours (or in the case of my laptop, 3-4 hours on a good day). Therefore it can power our agent for 40 hours before needing a recharge.

If we’re concerned with running our agents off grid we could potentially power them with solar panels too. In our case the required power is fairly low so we could conceivably use a small panel to run the agent and charge a battery during the day, and let the battery power the agent at night.

Getting back to the internet connection though, that might be a bit trickier. Populated areas often have connections to the internet of some sort, whether it be wired, cellular, or satellite. Our agent needs to support one of these methods, otherwise it’s not phoning home. These connections aren’t necessarily the most stable though, as I mentioned above. We can compensate by requiring our agents to have redundant connections to the internet, or even create wireless mesh networks between each agent. That would allow agents to redirect connections to other agents and piggy-back off their active connection.

We are forgetting one thing though. What happens in the nuclear scenario? Not surprisingly, we really kind of need our agents to withstand the effects they’re trying to measure. The absolute worst case scenario is that a bomb is dropped right on top of our agent. The short answer is that we can’t do much about that. It will be obliterated in microseconds. The second worst-case scenario on the other hand is slightly more workable, and that’s if a bomb is dropped just outside the blast range from our agent.

Figure 6: This is exactly how I picture our bomb being dropped.

Within seconds our agent will be awash in different types of radiation. This actually has a curious effect on electronics. The blast will cause an electromagnetic pulse (EMP) of radiation that will interact with the metal conductors in our electronic circuits and force electrons to start flowing causing spikes in current. If there’s enough current in those spikes our electronics will be fried. Best case the spikes just affect data by doing things like altering values being read from or written to memory.

That’s nothing compared to what happens if our agent starts getting bombarded with particle radiation though. The particles will actually knock loose atoms from the silicon chips as they skip across the substrates, kind of like a boulder taking out chunks of the ground as it careens down a hill. That of course can cause very strange behaviors in the chips rendering them inoperable.

There are things we can do to protect our agents from this sort of thing of course. Best case is that we can use Rad-hardened components for everything, but there probably aren’t rad-hardened versions of every component we’d need to use, and we need to be careful because they are only guaranteed to certain levels of radiation. That won’t necessarily solve all of our problems though. We’d need to build properly shielded enclosures to protect any exposed components as well as shield all wiring, since it would act as an antenna for the EMP. We might also consider doubling up on circuit components and run them in parallel so we can have fault tolerance. This is common practice in hostile environments for devices like satellites in space.

You can use a voting system to determine whether your data has been altered. Two processors compute a value and compare to each others value. If both agree they’re the same then you can be reasonably certain its fine, but if one disagrees then you get them to restart the process until you’re certain things are kosher, or you shut down the processor and wait for things to blow over.

It’s reasonable to assume the blast would have taken out our connection to the internet. The internet itself was never actually intended to withstand nuclear attacks, as some myths might lead you to believe. The underlying protocol, TCP, was built to withstand quite a number of failure modes, and designers of networks that could withstand nuclear war co-opted the protocol in their own designs. The internet as a whole was however designed to be extraordinarily resilient to failure, so odds are pretty good only our little corner of the internet was taken out.

Satellites flying above probably wouldn’t be affected by the blast (maybe, I’m assuming). Our backup connection could be satellite-based. Once our agent acknowledged their primary connection is toast they can just switch modes — eventually. One side effect of a nuclear blast is that it ionizes the air around it so much that radio communications can’t operate for a number of hours afterword. That means our mesh network wouldn’t work either.

Our agent would unfortunately be stranded there isolated from the rest of the world for a few hours before it can start phoning home. There isn’t a lot we can do at this point. Our agent needs to wait it out. Therefore, we need our agents to be smart enough to queue up measurements for an indefinite period of time.

If we’ve designed and built our agents properly we can now begin to start collecting data.

Author Spotlight

Steve Syfuhs is a security software developer. He has spent the last few years building identity systems and is currently working at Kaseya as a Lead Member of the Technical Staff on the Identity and Access team after Scorpion Software was acquired. He has also been a Microsoft Developer Security MVP since 2011.